checkLogin() {
    u=$(post_key $query_string username)
    p=$(post_key $query_string password)
    u=$(echo -n $u | sed 's/\\/\\\\/g;s/\(%\)\([0-9a-fA-F][0-9a-fA-F]\)/\\x\2/g')
    p=$(echo -n $p | sed 's/\\/\\\\/g;s/\(%\)\([0-9a-fA-F][0-9a-fA-F]\)/\\x\2/g' | md5sum | awk '{print $1}')
    token=$(echo "$HTTP_COOKIE" | sed "s#;#\n#g" | grep "token" | awk -F '=' '{print $2}')
    file=$(mktemp /tmp/user.XXXXXXXXXX)

    case $1 in
    token)
        db_connect "SELECT \`username\`,\`Png\` FROM \`user\` WHERE token = \"$token\"" | sed -e '1d' >$file
        f=$(cat $file)

        if [ -z $f ]; then

            View=$(cat template/login.html)
            eval "cat <<EOF
$(<template/base-login.html)
EOF"
            exit 255
        fi
        username=$(echo $f | awk '{print $1}')
        headImage=$(echo $f | awk '{print $2}')

        ;;

    password)

        Time=$(date +"%Y-%m-%e-%R")

        token=$(echo -n "${u}token${p}" | md5sum | awk '{print $1}')
        db_connect "SELECT \`id\` FROM \`user\` WHERE username = \"$u\" AND \`password\` = \"$p\";" | sed -e '1d' >$file
        if [ ! -z $(cat $file) ]; then
            View=$(eval "cat <<EOF
                            $(<template/token.html)
EOF")
            eval "cat <<EOF
    $(<template/base.html)
EOF"

            sql="update \`user\` set  token=\"$token\" \`uptime\`=\"$Time\" WHERE username = \"$u\""
            logInput Write "  添加数据  $sql"
            DataHanle $sql

        else
            echo "<script>window.location.href=\"index.cgi\"</script>"
        fi
        ;;
    *)
        echo "login error"
        ;;
    esac
    rm -rf $file

}
